104.21.38.154 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.21.38.154
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33411
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.21.38.154.			IN	A

;; AUTHORITY SECTION:
.			454	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021700 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 02:26:59 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 154.38.21.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 154.38.21.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
178.208.255.249	attackbots	Mar 28 06:49:05 our-server-hostname postfix/smtpd[9408]: connect from unknown[178.208.255.249] Mar x@x Mar 28 06:49:07 our-server-hostname postfix/smtpd[9408]: lost connection after RCPT from unknown[178.208.255.249] Mar 28 06:49:07 our-server-hostname postfix/smtpd[9408]: disconnect from unknown[178.208.255.249] Mar 28 07:00:13 our-server-hostname postfix/smtpd[12760]: connect from unknown[178.208.255.249] Mar 28 07:00:15 our-server-hostname postfix/smtpd[12760]: NOQUEUE: reject: RCPT from unknown[178.208.255.249]: 554 5.7.1 Service unavailable; Client host [178.208.255.249] blocked us .... truncated .... Client x@x Mar 28 19:26:42 our-server-hostname postfix/smtpd[3294]: lost connection after RCPT from unknown[178.208.255.249] Mar 28 19:26:42 our-server-hostname postfix/smtpd[3294]: disconnect from unknown[178.208.255.249] Mar 28 19:28:06 our-server-hostname postfix/smtpd[5251]: connect from unknown[178.208.255.249] Mar x@x Mar 28 19:28:07 our-server-hostname postfix........ -------------------------------	2020-03-29 00:07:33
36.89.49.195	attackbotsspam	DATE:2020-03-28 13:38:08, IP:36.89.49.195, PORT:5900 VNC brute force auth on honeypot server (epe-honey1-hq)	2020-03-29 00:32:17
180.125.71.66	attack	Mar 28 13:29:04 izar postfix/smtpd[743]: connect from unknown[180.125.71.66] Mar 28 13:29:07 izar postfix/smtpd[743]: warning: unknown[180.125.71.66]: SASL CRAM-MD5 authentication failed: authentication failure Mar 28 13:29:08 izar postfix/smtpd[743]: warning: unknown[180.125.71.66]: SASL PLAIN authentication failed: authentication failure Mar 28 13:29:12 izar postfix/smtpd[743]: warning: unknown[180.125.71.66]: SASL LOGIN authentication failed: authentication failure Mar 28 13:29:13 izar postfix/smtpd[743]: disconnect from unknown[180.125.71.66] Mar 28 13:29:13 izar postfix/smtpd[745]: connect from unknown[180.125.71.66] Mar 28 13:29:17 izar postfix/smtpd[745]: warning: unknown[180.125.71.66]: SASL CRAM-MD5 authentication failed: authentication failure Mar 28 13:29:17 izar postfix/smtpd[745]: warning: unknown[180.125.71.66]: SASL PLAIN authentication failed: authentication failure ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=180.125.71.66	2020-03-29 00:33:58
201.49.127.212	attackspambots	Mar 28 13:41:11 sshd[12524]: Failed password for invalid user nsg from 201.49.127.212 port 35206 ssh2	2020-03-29 00:33:39
179.113.122.48	attackspambots	Mar 28 17:08:32 minden010 sshd[15120]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.113.122.48 Mar 28 17:08:35 minden010 sshd[15120]: Failed password for invalid user tanya from 179.113.122.48 port 42106 ssh2 Mar 28 17:11:10 minden010 sshd[17593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.113.122.48 ...	2020-03-29 00:12:58
129.205.7.67	attackbotsspam	$f2bV_matches	2020-03-29 00:01:01
211.252.84.62	attack	Mar 28 12:34:57 XXX sshd[61980]: Invalid user sylvaine from 211.252.84.62 port 3776	2020-03-29 00:40:12
70.65.174.69	attack	Mar 28 16:40:48 ns382633 sshd\[1472\]: Invalid user laleh from 70.65.174.69 port 53310 Mar 28 16:40:48 ns382633 sshd\[1472\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=70.65.174.69 Mar 28 16:40:50 ns382633 sshd\[1472\]: Failed password for invalid user laleh from 70.65.174.69 port 53310 ssh2 Mar 28 16:54:33 ns382633 sshd\[4017\]: Invalid user kcw from 70.65.174.69 port 43704 Mar 28 16:54:33 ns382633 sshd\[4017\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=70.65.174.69	2020-03-29 00:25:01
104.236.33.155	attackspambots	$f2bV_matches	2020-03-29 00:33:07
180.76.189.196	attackbots	Invalid user jpo from 180.76.189.196 port 58092	2020-03-29 00:26:23
38.143.23.79	attackbots	SpamScore above: 10.0	2020-03-29 00:43:43
124.232.133.205	attack	Mar 28 08:41:56 Tower sshd[35958]: Connection from 124.232.133.205 port 24285 on 192.168.10.220 port 22 rdomain "" Mar 28 08:41:58 Tower sshd[35958]: Invalid user ago from 124.232.133.205 port 24285 Mar 28 08:41:58 Tower sshd[35958]: error: Could not get shadow information for NOUSER Mar 28 08:41:58 Tower sshd[35958]: Failed password for invalid user ago from 124.232.133.205 port 24285 ssh2 Mar 28 08:41:58 Tower sshd[35958]: Received disconnect from 124.232.133.205 port 24285:11: Bye Bye [preauth] Mar 28 08:41:58 Tower sshd[35958]: Disconnected from invalid user ago 124.232.133.205 port 24285 [preauth]	2020-03-29 00:16:01
62.234.206.12	attack	Mar 28 14:33:08 legacy sshd[26986]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.206.12 Mar 28 14:33:10 legacy sshd[26986]: Failed password for invalid user olin from 62.234.206.12 port 45570 ssh2 Mar 28 14:38:08 legacy sshd[27188]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.206.12 ...	2020-03-29 00:17:52
178.46.213.248	attackspambots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-03-29 00:38:19
46.229.168.142	attack	Mar 28 13:42:37 debian-2gb-nbg1-2 kernel: \[7658424.073569\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=46.229.168.142 DST=195.201.40.59 LEN=40 TOS=0x08 PREC=0x00 TTL=52 ID=0 DF PROTO=TCP SPT=17154 DPT=443 WINDOW=0 RES=0x00 RST URGP=0	2020-03-29 00:04:28

Recently Reported IPs

104.21.38.153	104.21.38.158	104.21.38.164	104.21.38.179
104.21.38.177	104.21.38.18	104.21.38.167	104.21.38.172
104.21.38.192	104.21.38.191	104.21.38.178	104.21.69.22
104.21.38.206	104.21.38.204	104.21.38.194	104.21.38.207
104.21.38.215	104.21.38.224	104.21.38.213	104.21.38.218